Set Up Cortex XDR – Investigation and Response

Set Up Cortex XDR – Investigation and Response

After you set up the your network, cloud,
and/or endpoint sensors you can use Cortex XDR – Investigation and
Response.

(Optional) From the Cortex XDR – Investigation
and Response app, import any known malicious
indicators of compromise (IOCs) for which you want to raise an alert.

(Optional) Import any known malicious
behavioral indicators of compromise (BIOCs) for which you want to
raise an alert.

Palo Alto Networks automatically delivers BIOC rules defined
by the Palo Alto Networks threat research team to all Cortex XDR
– Investigation and Response tenants, but you can also import any
additional rules, as needed.